When using a dynamic and more secure attr_accessible approach (code originally by Ryan Bates) where we are blocking all undeclared attr_accessible elements (using Rails v3.1.1):
def mass_assignment_authorizer(role = :default)
if accessible == :all
super + (accessible || )
and trying to save an object using this approach, I get the following error:
ActiveRecord::Base : WARNING: Can't mass-assign protected attributes: slug
PGError: ERROR: null value in column "slug" violates not-null constraint
: INSERT INTO "friendly_id_slugs" ("created_at", "slug", "sluggable_id", "sluggable_type") VALUES ($1, $2, $3, $4) RETURNING "id"
Adding a :slug attribute in my mass_assignment_authorizer method fixes this issue, but is not elegant. How can this be fixed on a core level? I was not able to locate the specific class in the friendly_id library in order to perform such desired change.
Many devs are making changes to their apps right now to eliminate mass
assigment, so this is a potential source of incompatibility. Since it's
very easy to avoid, let's just make the change so we can be more easily
See issue #254.
I just pushed a small change which I think should help you, please see the notes in the commit referenced above and let me know if the change works for your app.
Norman, this is great! Thanks for the super quick response and fix.
I have tested it just now (using your master version) and I can confirm that it is working as expected. The note is very clear indeed.
Thanks again for this!
Awesome, glad I could help. Thanks for confirming the fix. I'll push this out in a new version soon, probably before the end of the week and possibly as soon as today.
much appreciated, for now I will just use the master repo :)